REMARKS

Reconsideration and further examination is respectfully requested. 
Objections to the Disclosure 

The disclosure was objected to for failure to appropriately indicate trademark ownership 
status. Applicants have amended the specification to correct this oversight, and it is respectfully 
requested that the objection be withdrawn. 

Rejections under 35 U.S.C. §102

Claims 1-152 were rejected under 35 U.S.C. §102(b) as being anticipated by Mittra, US
Patent 5,748,736.

It is noted that in order to support a rejection under 35 U.S.C. §102, every limitation in
the claim must be found or suggested in the prior art. As will be described below, the key
distribution scheme described in Mittra is different from that recited in the claimed invention, and
for at least this reason the rejection under 35 U.S.C. §102 is improper.

Mittra 

Mittra describes, at column 7, lines 45-65:

". . . Joining a secure multicast group requires the joining member first to set up a separate secure
channel with the GSC of the group (using a unicast communication line). The purpose of the
secure channel is to facilitate and isolate confidential communication between the GSC and this
member during the time that the member is part of the group. . . . Upon receiving a join request
(and approving it), the GSC inserts the member's identification and information concerning the
secure channel in a private database it maintains. In this way the GSC has full knowledge of the
group membership and can communicate with each member separately and securely when
required. The member must also store information concerning the secure channel for future
communication with the GSC. . . . All communications from the GSC must include a message
digest and be digitally signed so that receivers may verify that the message has not been
corrupted and the sender was actually the GSC. . . . Only the GSC maintains information
concerning group membership; members do not know about each other (except that receivers
may need to know the list of authorized senders). . . ."

Mittra also states, at column 8, lines 14-22: 

". . . Once the GSC and the new member have authenticated each other and have agreed on a
secret, the GSC needs to provide the new member with information that will allow it to encrypt
and/or decrypt the multicast transmission. At this point the GSC also needs to change the group
key (Kgrp) which provides access to the multicast transmissions. This is done to prevent the
joining member from decrypting previous transmissions to which it should not have access. . . ."


Accordingly, Mittra describes a method by which authorization of a member is performed
by the provider of the key (the GSC) when a device wishes to join a group. Once that key
exchange has occurred, a group key is distributed to all members of the group. Note that
Mittra explicitly states ". . . members do not know about each other. . . ."


In contrast, claim 1 as amended recites ". . . A communication system comprising a
plurality of multicast devices forming a shared multicast distribution tree; a host device; a key
server; and a designated device, separate from the key server, through which the host device
accesses the shared tree, wherein the host device obtains access information from the key server
for the host device to access the shared tree, the access information including authentication
information unique to the host device; the designated device obtains the access information
associated with the host device from the key server for enabling the host device to access the
shared tree; the host device sends an access control message to the designated device to join the
shared tree; and the designated device uses the access information to authenticate the host device
before adding the host device to the shared tree. . . ."
No such structure, wherein access information unique to the host device is forwarded by
the key server to both a host and another device (the designated device), is shown or suggested in
Mittra. Rather, Mittra establishes a secure channel between the GSC and the member for the
purposes of allowing the member to join the group. Then a group key, not the secure channel
information, is forwarded to other members of the group. As explicitly stated in Mittra,
"members do not know about each other. . . ."

Accordingly, for at least the reason that every limitation of claim 1 is neither described
nor suggested in Mittra, the rejection under 35 U.S.C. §102 should be withdrawn. Independent
claims 16, 28, 40, 61, 68, 75, 87, 99 and 122 have been amended to include limitations similar to
those of claim 1 which help distinguish the claims over Mittra, and thus the rejection under
35 U.S.C. §102 for these claims should be withdrawn as well. Dependent claims 2-15, 17-27, 29-
39, 41-60, 69-74, 76-86, 88-98, 100-121 and 122-144 serve to add further patentable limitations
to their parent independent claims, and are allowable for at least the reason put forth above with
regard to their parent independent claim.

Independent claim 145 has been amended to include a limitation of claim 147, and claim
147 has been cancelled. Independent claim 145 as amended now recites ". . . A communication
message embodied in a data signal, the communication message comprising a group key for a
multicast group and access information for a host device, wherein the access information
comprises an expiration date for the authentication key. . . ."
The Examiner states, at page 13 of the office action, ". . . for an authentication to function
properly, it inherently must possess an expiration method of some sort. . . ." This appears to be an
assumption of the Examiner, although official notice has not been taken, and does not appear to
be based on any teaching of any reference provided, including Mittra. Accordingly, because each
limitation of the claim is not shown or suggested in the Mittra reference, the rejection of claim
145 and associated dependent claims under 35 U.S.C. §102 is improper, and should be
withdrawn.

Applicants have made a diligent effort to place the claims in condition for allowance.
However, should there remain unresolved issues that require adverse action, it is respectfully
requested that the Examiner telephone Lindsay G. McGuinness, Applicants' Attorney, at 978-264-
6664 so that such issues may be resolved as expeditiously as possible.

For these reasons, and in view of the above amendments, this application is now
considered to be in condition for allowance and such action is earnestly solicited.


Respectfully Submitted, 




Attorney/Agent for Applicant(s)
Steubing McGuinness & Manaras LLP
125 Nagog Park Drive 
Acton, MA 01720 
(978) 264-6664 


Docket No. 120-147
Dated: 6/30/2004
CLAIMS

1. (currently amended) A communication system comprising:

a plurality of multicast devices forming a shared multicast distribution tree; 
a host device;
a key server; and

a designated device, separate from the key server, through which the host device accesses
the shared tree, wherein: 

the host device obtains access information from the key server for the host device to
access the shared tree, the access information including authentication information unique to the
host device;

the designated device obtains the access information associated with the host device from
the key server for enabling the host device to access the shared tree;

the host device sends an access control message to the designated device to join the 
shared tree; and 

the designated device uses the access information to authenticate the host device before 
adding the host device to the shared tree.

2. (currently amended) The communication system of claim 1, wherein the key server includes
logic for authenticating the host device and generating the access information for the host device
to access the shared tree.

3. (original) The communication system of claim 2, wherein the key server provides the access
information to the host device over a secure communication channel. 

4. (original) The communication system of claim 2, wherein the key server provides the access 
information to the designated device using a unicast distribution mechanism.

5. (original) The communication system of claim 2, wherein the key server provides the access 
information to the designated device using a multicast distribution mechanism. 
6. (original) The communication system of claim 2, wherein the key server provides the access
information to the designated device using a broadcast distribution mechanism. 

7. (original) The communication system of claim 2, wherein the designated device requests the 
access information from the key server upon receiving the access control message. 

8. (original) The communication system of claim 2, wherein the key server provides the access 
information to the plurality of multicast devices forming the shared tree. 

9. (original) The communication system of claim 1, wherein the access information comprises: 

a token identifier; and an authentication key. 

10. (original) The communication system of claim 9, wherein the access control message 
comprises the token identifier. 

11. (original) The communication system of claim 10, wherein the access control message is an
Internet Group Management Protocol (IGMP) join request including the token identifier. 

12. (original) The communication system of claim 1, wherein the designated device joins the
shared tree on behalf of the host device upon authenticating the host device. 

13. (original) The communication system of claim 12, wherein the shared tree is a Protocol 
Independent Multicast (PIM) shared tree, and wherein the designated device sends a PIM join 
request upstream toward a rendezvous point device in order to join the shared tree on behalf of 
the host device upon authenticating the host device. 

14. (original) The communication system of claim 1, wherein the designated device forwards the
access control message to a neighboring device upon failing to authenticate the host device using 
the access information. 
15. (original) The communication system of claim 14, wherein the neighboring device obtains
the access information and authenticates the host device using the access information.

16. (currently amended) A method performed at a key server comprising:

authenticating a host device; 

generating access information by the key server for the host device to join a multicast
group, the access information including authentication information unique to the host device;

sending the access information to the host device; and sending the access information to a
separate designated device through which the host device gains access to a shared multicast
distribution tree.

17. (original) The method of claim 16, wherein the access information comprises: 
a token identifier; and an authentication key. 

18. (original) The method of claim 17, wherein the access information further comprises an 
expiration date for the authentication key. 

19. (original) The method of claim 17, wherein the access information further comprises a public
key. 

20. (original) The method of claim 16, wherein sending the access information to the host device
comprises: 

sending a communication message including the access information to the host device 
over a secure communication channel. 

21. (original) The method of claim 20, wherein the communication message is a group key
management communication message. 

22. (original) The method of claim 16, wherein sending the access information to the designated 
device for the host device comprises: 
sending a communication message including the access information to the designated
device over a secure communication channel. 

23. (original) The method of claim 22, wherein the communication message is a unicast
communication message addressed to the designated device. 

24. (original) The method of claim 22, wherein the communication message is a multicast 
communication message addressed to a multicast group of which the designated device is a 
member. 

25. (original) The method of claim 22, wherein the communication message is a broadcast 
communication message. 

26. (original) The method of claim 16, wherein generating the access information comprises: 

generating an access token including the access information. 

27. (original) The method of claim 26, wherein the access token comprises: 
a group identifier for identifying a multicast group; 

a host identifier for identifying the host device; 
a token identifier for identifying the access token; 
an authentication key for the host device; 
an expiration date for the authentication key; 

a server identifier for identifying a key server; and a public key for the key server. 

28. (currently amended) A method performed at a host device comprising:

obtaining access information from a key server for joining a multicast group, the access
information including authentication information unique to the host device;

generating an access control message for joining the multicast group using the access 
information; and 
sending the access control message to a designated device separate from the key server
for enabling the host device to join the multicast group.

29. (original) The method of claim 28, wherein the access information comprises:
a token identifier; and an authentication key.

30. (original) The method of claim 29, wherein generating the access control message using the 
access information comprises: 

including the token identifier in the access control message. 

31. (original) The method of claim 28, further comprising: 

generating authentication information using the access information; and sending the 
authentication information to the designated device. 

32. (original) The method of claim 31, wherein generating the authentication information using 
the access information comprises generating a digital signature using the access information and 
a predetermined digital signature scheme.

33. (original) The method of claim 32, wherein the predetermined digital signature scheme
comprises a keyed hash function.

34. (original) The method of claim 33, wherein the keyed hash function comprises IPsec AH
with HMAC-MD5. 

35. (original) The method of claim 33, wherein the keyed hash function comprises IPsec AH
with HMAC-SHA1.

36. (original) The method of claim 29, wherein the access information further comprises a token 
identifier. 
37. (original) The method of claim 36, wherein generating the access control message using the
access information comprises: 

including the token identifier in the access control message. 

38. (original) The method of claim 37, wherein the access control message is an Internet Group 
Management Protocol (IGMP) join request message including the token identifier. 

39. (original) The method of claim 28, further comprising: 

establishing a security agreement with the designated device using the access information. 

40. (currently amended) A method performed at a designated device that controls access to a
shared multicast tree comprising:

receiving an access control message from a host device; 

determining whether the host device is authorized to access a shared multicast
distribution tree based upon access information for the host device, the access information
including authentication information unique to the host device and being received by the
designated device from a separate key server; and

joining the shared tree on behalf of the host device if the host device is determined to be 
authorized to access the shared tree. 

41. (original) The method of claim 40, further comprising: 

obtaining the access information for the host device. 

42. (original) The method of claim 41, wherein obtaining the access information for the host 
device comprises: 

receiving the access information from an access information server prior to receiving the 
access control message from the host device. 

43. (original) The method of claim 41, wherein obtaining the access information for the host 
device comprises: 
requesting the access information from an access information server after receiving the
access control message from the host device. 

44. (original) The method of claim 40, wherein determining whether the host device is authorized
to access the shared tree comprises: 

maintaining an access information database; 
searching the access information database for the access information for the host device; 

failing to find the access information for the host device in the access information 
database; and 

determining that the host device is not authorized to access the shared tree. 

45. (original) The method of claim 40, wherein determining whether the host device is authorized 
to access the shared tree comprises:

maintaining an access information database; 

searching the access information database for the access information for the host device; 
failing to find the access information for the host device in the access information 
database; and 

forwarding the access control message to a neighboring device. 

46. (original) The method of claim 40, wherein the access information comprises: 
a token identifier; and an authentication key.

47. (original) The method of claim 46, wherein the access control message includes the token 
identifier. 

48. (original) The method of claim 46, wherein the access information further comprises an 
expiration date for the authentication key. 

49. (original) The method of claim 48, wherein determining whether the host device is authorized 
to access the shared tree comprises: 
determining that the authentication key has expired based upon the expiration date for the
authentication key; and 

determining that the host device is not authorized to access the shared tree. 

50. (original) The method of claim 48, wherein determining whether the host device is authorized 
to access the shared tree comprises: 

determining that the authentication key has expired based upon the expiration date for the 
authentication key; and 

forwarding the access control message to a neighboring device. 

51. (original) The method of claim 40, wherein determining whether the host device is authorized 
to access the shared tree comprises: 

authenticating the host device using the access information and a predetermined 
authentication scheme; and 

determining whether the host device is authorized to access the shared tree based upon 
authenticating the host device using the access information and the predetermined authentication 
scheme. 

52. (original) The method of claim 51, wherein authenticating the host device using the access 
information and the predetermined authentication scheme comprises: 

receiving authentication information from the host device; and authenticating the host 
device based upon the access information and the authentication information received from the 
host device. 

53. (original) The method of claim 52, wherein the authentication information comprises a digital 
signature, and wherein authenticating the host device based upon the access information and the 
authentication information received from the host device comprises: 

verifying the digital signature using the access information and a predetermined digital 
signature scheme. 
54. (original) The method of claim 53, wherein the predetermined digital signature scheme
comprises a keyed hash function. 

55. (original) The method of claim 54, wherein the keyed hash function comprises IPsec AH with 
HMAC-MD5. 

56. (original) The method of claim 54, wherein the keyed hash function comprises IPsec AH with 
HMAC-SHA1. 

57. (original) The method of claim 51, wherein determining whether the host device is authorized 
to access the shared tree based upon authenticating the host device using the access information 
and the predetermined authentication scheme comprises: 

determining that authentication failed; and

determining that the host device is not authorized to access the shared tree.

58. (original) The method of claim 57, further comprising:

forwarding the access control message to a neighboring device. 

59. (original) The method of claim 51, wherein determining whether the host device is authorized
to access the shared tree based upon authenticating the host device using the access information 
and the predetermined authentication scheme comprises: 

determining that authentication succeeded; and 

determining that the host device is authorized to access the shared tree. 

60. (original) The method of claim 40, further comprising: 

establishing a security association with the host device using the access information upon 
determining that the host device is authorized to access the shared tree. 
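The host-side procedure of claims 28-39 and the designated-device procedure of claims 40-60 can be read as one exchange: the host builds a join request carrying its token identifier and signs it with a keyed hash, and the designated device looks the token up in its access information database, checks the expiration date, verifies the signature, and then either joins on the host's behalf, refuses, or forwards the request to a neighboring device. The following Python sketch is an added example written for this page; it is not part of the application, its claims, or any product implementing them. The names AccessToken, DesignatedDevice, build_join_message and the fixed clock NOW are assumptions of the example, and every token, key and group address in it is constructed sample data. HMAC-SHA1 is used only because claims 35 and 56 name it; a deployment today would pick HMAC-SHA256.

```python
import hmac
import hashlib
import json
from dataclasses import dataclass
from datetime import datetime, timezone, timedelta

# Fixed clock so the run is repeatable (assumption of this example).
NOW = datetime(2004, 6, 30, tzinfo=timezone.utc)


@dataclass(frozen=True)
class AccessToken:
    """Access information as listed in claim 27 (subset): the key server hands the
    same token to the host and to the designated device."""
    group_id: str
    host_id: str
    token_id: str
    auth_key: bytes
    expires: datetime


def make_token(group_id, host_id, token_id, auth_key, lifetime_hours=24, now=NOW):
    return AccessToken(group_id, host_id, token_id, auth_key,
                       now + timedelta(hours=lifetime_hours))


def _canonical(body: dict) -> bytes:
    # Both sides must hash exactly the same bytes, so the message is serialised
    # deterministically (sorted keys, no whitespace) before the HMAC is computed.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


# ---- host side (claims 28-39): build the access control message and sign it ----
def build_join_message(token: AccessToken) -> dict:
    """An IGMP-style join request carrying the token identifier (claim 38), plus a
    keyed-hash signature over the request fields (claims 32-35)."""
    body = {"type": "join", "group": token.group_id,
            "host": token.host_id, "token_id": token.token_id}
    sig = hmac.new(token.auth_key, _canonical(body), hashlib.sha1).hexdigest()
    return {"body": body, "sig": sig}


# ---- designated device side (claims 40-60): decide using stored access information ----
AUTHORIZED, NOT_AUTHORIZED, FORWARD_TO_NEIGHBOR = "authorized", "not-authorized", "forward"


class DesignatedDevice:
    def __init__(self, tokens, now=NOW):
        # Access information database keyed by token identifier (claims 44/45).
        self.db = {t.token_id: t for t in tokens}
        self.now = now

    def decide(self, msg: dict, forward_unknown: bool = False) -> str:
        """Return the decision for one access control message. With
        forward_unknown=True the failure branches hand the message to a
        neighboring device (claims 45, 50, 58) instead of refusing (44, 49, 57)."""
        on_failure = FORWARD_TO_NEIGHBOR if forward_unknown else NOT_AUTHORIZED
        body, sig = msg.get("body", {}), msg.get("sig")
        token = self.db.get(body.get("token_id"))
        if token is None:                      # no access information for this host
            return on_failure
        if self.now >= token.expires:          # authentication key has expired (claim 49)
            return on_failure
        expected = hmac.new(token.auth_key, _canonical(body), hashlib.sha1).hexdigest()
        # Constant-time comparison so a forged signature leaks nothing by timing.
        if not isinstance(sig, str) or not hmac.compare_digest(expected, sig):
            return on_failure                  # signature verification failed (claim 57)
        if body.get("group") != token.group_id or body.get("host") != token.host_id:
            return NOT_AUTHORIZED              # token is bound to a different group/host
        return AUTHORIZED                      # claim 59: join the shared tree for the host


def run_demo() -> dict:
    """Exercise the valid, expired, tampered and unknown-token cases (constructed data)."""
    key = b"constructed-demo-key-not-a-real-secret"
    good = make_token("239.1.2.3", "host-A", "tok-1", key)
    stale = make_token("239.1.2.3", "host-B", "tok-2", b"other-key", lifetime_hours=-1)
    dd = DesignatedDevice([good, stale])
    results = {"valid": dd.decide(build_join_message(good)),
               "expired": dd.decide(build_join_message(stale))}
    forged = build_join_message(good)
    forged["body"] = dict(forged["body"], host="host-Z")   # altered after signing
    results["tampered"] = dd.decide(forged)
    unknown = build_join_message(make_token("239.1.2.3", "host-C", "tok-9", key))
    results["unknown"] = dd.decide(unknown)
    results["unknown_forwarded"] = dd.decide(unknown, forward_unknown=True)
    return results


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(f"{case:18s} -> {outcome}")
```

The four failure cases in run_demo are exactly the branches the claims enumerate: a token the designated device has never received from the key server, an expired authentication key, a message whose contents no longer match its keyed hash, and the same unknown-token case handed to a neighbor instead of refused. Binding the group and host identifiers into the signed body means a token issued for one host cannot be replayed for another even if the signature itself is valid.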

61. (currently amended) An apparatus comprising: 

authenticating logic operably coupled to authenticate a host device; 
access logic operably coupled to generate access information for the host device, the
access information including authentication information unique to the host device;
and distribution logic operably coupled to distribute the access information both to the host
device and to a separate designated device for enabling the host device to access a shared
multicast distribution tree through the designated device.

62. (original) The apparatus of claim 61, wherein the access logic is operably coupled to generate 
an access token for the host device including the access information. 

63. (original) The apparatus of claim 62, wherein the access token comprises: 
a group identifier for identifying a multicast group; 

a host identifier for identifying the host device; 
a token identifier for identifying the access token; 
an authentication key for the host device; 
an expiration date for the authentication key; 

a server identifier for identifying a key server; and a public key for a key server. 

64. (original) The apparatus of claim 61, wherein the distribution logic comprises:

group key management logic operably coupled to send the access information to the host
device.

65. (original) The apparatus of claim 61, wherein the distribution logic comprises: 

unicasting logic operably coupled to send the access information to the designated device using a 
unicast mechanism. 

66. (original) The apparatus of claim 61, wherein the distribution logic comprises:
multicasting logic operably coupled to send the access information to the designated device using 
a multicast mechanism. 

67. (original) The apparatus of claim 61, wherein the distribution logic comprises: 
broadcasting logic operably coupled to send the access information to the designated device
using a broadcast mechanism. 

68. (currently amended) A computer program for controlling a key server in a computer system, 
the computer program comprising: 

authenticating logic programmed to authenticate a host device; 

access logic programmed to generate access information for the host device, the access
information including authentication information unique to the host device; and

distribution logic programmed to distribute the access information to the host device and 
to a separate designated device for enabling the host device to access a shared multicast 
distribution tree through the designated device.

69. (original) The computer program of claim 68, wherein the access logic is programmed to 
generate an access token for the host device including the access information. 

70. (original) The computer program of claim 69, wherein the access token comprises:
a group identifier for identifying a multicast group; 

a host identifier for identifying the host device; 
a token identifier for identifying the access token; 
an authentication key for the host device; 
an expiration date for the authentication key; 

a server identifier for identifying a key server; and a public key for a key server. 

71. (original) The computer program of claim 68, wherein the distribution logic comprises:

group key management logic programmed to send the access information to the host
device.

72. (original) The computer program of claim 68, wherein the distribution logic comprises: 

unicasting logic programmed to send the access information to the designated device 
using a unicast mechanism. 
73. (original) The computer program of claim 68, wherein the distribution logic comprises:

multicasting logic programmed to send the access information to the designated device 
using a multicast mechanism. 

74. (original) The computer program of claim 68, wherein the distribution logic comprises:

broadcasting logic programmed to send the access information to the designated device 
using a broadcast mechanism. 

75. (currently amended) An apparatus comprising: 

receiving logic operably coupled to receive, from an access information server, access
information unique to a host device, the access information enabling the host device to join
a multicast group; and

access logic operably coupled to generate an access control message for joining the
multicast group using the access information and to send the access control message to a
designated device separate from the access information server and coupling the host device to
the multicast group.

76. (original) The apparatus of claim 75, wherein the access information comprises:
a token identifier; and an authentication key. 

77. (original) The apparatus of claim 76, wherein the access logic is operably coupled to include 
the token identifier in the access control message. 

78. (original) The apparatus of claim 75, wherein the access logic is operably coupled to generate 
authentication information using the access information and send the authentication information 
to the designated device. 
79. (original) The apparatus of claim 78, wherein the access logic is operably coupled to generate
the authentication information by generating a digital signature using the access information and 
a predetermined digital signature scheme. 

80. (original) The apparatus of claim 79, wherein the predetermined digital signature scheme 
comprises a keyed hash function. 

81. (original) The apparatus of claim 80, wherein the keyed hash function comprises IPsec AH
with HMAC-MD5. 

82. (original) The apparatus of claim 80, wherein the keyed hash function comprises IPsec AH
with HMAC-SHA1.

83. (original) The apparatus of claim 76, wherein the access information further comprises a 
token identifier. 

84. (original) The apparatus of claim 83, wherein the access logic is operably coupled to include 
the token identifier in the access control message. 

85. (original) The apparatus of claim 84, wherein the access control message is an Internet Group 
Management Protocol (IGMP) join request message including the token identifier. 

86. (original) The apparatus of claim 75, wherein the access logic is operably coupled to establish 
a security agreement with the designated device using the access information. 

87. (currently amended) A computer program for controlling a computer system, the computer 
program comprising: 

receiving logic programmed to receive access information for joining a multicast group 
from an access information serve r, the access information including authentication information 
unique to a host device: and 
access logic programmed to generate an access control message for joining the multicast
group using the access information and to send the access control message to a designated device
separate from the access information server and coupling the host device to the multicast
group.

88. (original) The computer program of claim 87, wherein the access information comprises: 

a token identifier; and an authentication key.

89. (original) The computer program of claim 88, wherein the access logic is programmed to
include the token identifier in the access control message. 

90. (original) The computer program of claim 87, wherein the access logic is programmed to 
generate authentication information using the access information and send the authentication 
information to the designated device. 

91. (original) The computer program of claim 90, wherein the access logic is programmed to 
generate the authentication information by generating a digital signature using the access 
information and a predetermined digital signature scheme. 

92. (original) The computer program of claim 91, wherein the predetermined digital signature 
scheme comprises a keyed hash function. 

93. (original) The computer program of claim 92, wherein the keyed hash function comprises 
IPsec AH with HMAC-MD5.

94. (original) The computer program of claim 92, wherein the keyed hash function comprises
IPsec AH with HMAC-SHA1.

95. (original) The computer program of claim 88, wherein the access information further 
comprises a token identifier. 
96. (original) The computer program of claim 95, wherein the access logic is programmed to
include the token identifier in the access control message. 

97. (original) The computer program of claim 96, wherein the access control message is an
Internet Group Management Protocol (IGMP) join request message including the token 
identifier. 

98. (original) The computer program of claim 87, wherein the access logic is programmed to 
establish a security agreement with the designated device using the access information. 

99. (currently amended) An apparatus comprising: 

receiving logic operably coupled to receive an access control message from a host device,
the access control message including authentication information unique to the host device;

access logic operably coupled to determine whether the host device is authorized to 
access a shared multicast distribution tree based upon access information for the host device 
stored at the apparatus, the stored access information including authentication information unique 
to the host device and being received from a separate key server; and

joining logic operably coupled to join the shared tree on behalf of the host device if the 
access logic determines that the host device is authorized to access the shared tree. 

100. (original) The apparatus of claim 99, wherein the access logic is operably coupled to obtain 
the access information for the host device from an access information server. 

101. (original) The apparatus of claim 100, wherein the access logic is operably coupled to obtain 
the access information for the host device from the access information server prior to receiving 
the access control message from the host device. 
102. (original) The apparatus of claim 100, wherein the access logic is operably coupled to obtain
the access information for the host device from the access information server after receiving the 
access control message from the host device. 

103. (original) The apparatus of claim 99, further comprising an access information database. 

104. (original) The apparatus of claim 103, wherein the access logic is operably coupled to search 
the access information database for the access information for the host device and determine that 
the host device is not authorized to access the shared tree upon failing to find the access 
information for the host device in the access information database. 

105. (original) The apparatus of claim 103, wherein the access logic is operably coupled to search 
the access information database for the access information for the host device and forward the 
access control message to a neighboring device upon failing to find the access information for the 
host device in the access information database. 

106. The apparatus of claim 99, wherein the access information comprises: 

a token identifier; and 
an authentication key. 

107. The apparatus of claim 106, wherein the access control message includes the token 
identifier. 

108. The apparatus of claim 106, wherein the access information further comprises an expiration 
date for the authentication key. 

109. (original) The apparatus of claim 108, wherein the access logic is operably coupled to 
determine whether the host device is authorized to access the shared tree based upon the 
expiration date for the authentication key. 
110. (original) The apparatus of claim 109, wherein the access logic is operably coupled to 
determine that the host device is not authorized to access the shared tree upon determining that 
the authentication key has expired based upon the expiration date for the authentication key. 

111. (original) The apparatus of claim 109, wherein the access logic is operably coupled to 
forward the access control message to a neighboring device upon determining that the 
authentication key has expired based upon the expiration date for the authentication key. 

112. (original) The apparatus of claim 99, wherein the access logic is operably coupled to 
authenticate the host device using the access information and a predetermined authentication 
scheme. 

113. (original) The apparatus of claim 112, wherein the access logic is operably coupled to 
receive authentication information from the host device and authenticate the host device based 
upon the access information and the authentication information received from the host device. 

114. (original) The apparatus of claim 113, wherein the authentication information comprises a 
digital signature, and wherein the access logic is operably coupled to verify the digital signature 
using the access information and a predetermined digital signature scheme. 

115. (original) The apparatus of claim 114, wherein the predetermined digital signature scheme 
comprises a keyed hash function. 

116. (original) The apparatus of claim 115, wherein the keyed hash function comprises IPsec 
AH with HMAC-MD5. 

117. (original) The apparatus of claim 115, wherein the keyed hash function comprises IPsec 
AH with HMAC-SHA1. 
118. (original) The apparatus of claim 112, wherein the access logic is operably coupled to 
determine that the host device is not authorized to access the shared tree upon determining that 
the authentication failed. 

119. (original) The apparatus of claim 118, wherein the access logic is operably coupled to 
forward the access control message to a neighboring device upon determining that the 
authentication failed. 

120. (original) The apparatus of claim 112, wherein the access logic is operably coupled to 
determine that the host device is authorized to access the shared tree upon determining that the 
authentication succeeded. 

121. (original) The apparatus of claim 99, wherein the access information is operably coupled to 
establish a security association with the host device using the access information upon 
determining that the host device is authorized to access the shared tree. 

122. (currently amended) A computer program for controlling a computer system, the computer 
program comprising: 

receiving logic programmed to receive an access control message from a host device, the 
access control information including authentication information unique to the host device; 

access logic programmed to determine whether the host device is authorized to access a 
shared multicast distribution tree based upon stored access information for the host device, the 
stored access information including authentication information unique to the host device and 
being received from a separate key server; and 

joining logic programmed to join the shared tree on behalf of the host device if the access 
logic determines that the host device is authorized to access the shared tree. 

123. (original) The computer program of claim 122, wherein the access logic is programmed to 
obtain the access information for the host device from an access information server. 
124. (original) The computer program of claim 123, wherein the access logic is programmed to 
obtain the access information for the host device from the access information server prior to 
receiving the access control message from the host device. 

125. (original) The computer program of claim 123, wherein the access logic is programmed to 
obtain the access information for the host device from the access information server after 
receiving the access control message from the host device. 

126. (original) The computer program of claim 122, further comprising an access information 
database. 

127. (original) The computer program of claim 126, wherein the access logic is programmed to 
search the access information database for the access information for the host device and 
determine that the host device is not authorized to access the shared tree upon failing to find the 
access information for the host device in the access information database. 

128. (original) The computer program of claim 126, wherein the access logic is programmed to 
search the access information database for the access information for the host device and forward 
the access control message to a neighboring device upon failing to find the access information for 
the host device in the access information database. 

129. (original) The computer program of claim 122, wherein the access information comprises: 

a token identifier; and 
an authentication key. 

130. (original) The computer program of claim 129, wherein the access control message includes 
the token identifier. 

131. (original) The computer program of claim 129, wherein the access information further 
comprises an expiration date for the authentication key. 


PAGE 30/33 * RCVD AT 9/10/2004 10:29:26 AM [Eastern Daylight Time] * SVR:USPTO-EFXRF-1/0 * DNIS:8729306 * CSID:9782649119 * DURATION (mm-ss):08-32 

09:00am From: Steubing, McGuiness & Manaras LLP 978 264 9119 T-027 P. 031/033 F-244 

Serial No. 09/607007 - 26 - Art Unit: 2143 

132. (original) The computer program of claim 131, wherein the access logic is programmed to 
determine whether the host device is authorized to access the shared tree based upon the 
expiration date for the authentication key. 

133. (original) The computer program of claim 132, wherein the access logic is programmed to 
determine that the host device is not authorized to access the shared tree upon determining that 
the authentication key has expired based upon the expiration date for the authentication key. 

134. (original) The computer program of claim 132, wherein the access logic is programmed to 
forward the access control message to a neighboring device upon determining that the 
authentication key has expired based upon the expiration date for the authentication key. 

135. (original) The computer program of claim 122, wherein the access logic is programmed to 
authenticate the host device using the access information and a predetermined authentication 
scheme. 

136. (original) The computer program of claim 135, wherein the access logic is programmed to 
receive authentication information from the host device and authenticate the host device based 
upon the access information and the authentication information received from the host device. 

137. (original) The computer program of claim 136, wherein the authentication information 
comprises a digital signature, and wherein the access logic is programmed to verify the digital 
signature using the access information and a predetermined digital signature scheme. 

138. (original) The computer program of claim 137, wherein the predetermined digital signature 
scheme comprises a keyed hash function. 

139. (original) The computer program of claim 138, wherein the keyed hash function comprises 
IPsec AH with HMAC-MD5. 
140. (original) The computer program of claim 138, wherein the keyed hash function comprises 
IPsec AH with HMAC-SHA1. 

141. (original) The computer program of claim 135, wherein the access logic is programmed to 
determine that the host device is not authorized to access the shared tree upon determining that 
the authentication failed. 

142. (original) The computer program of claim 141, wherein the access logic is programmed to 
forward the access control message to a neighboring device upon determining that the 
authentication failed. 

143. (original) The computer program of claim 135, wherein the access logic is programmed to 
determine that the host device is authorized to access the shared tree upon determining that the 
authentication succeeded. 

144. (original) The computer program of claim 122, wherein the access information is 
programmed to establish a security association with the host device using the access information 
upon determining that the host device is authorized to access the shared tree. 

145. (currently amended) A communication message embodied in a data signal, the 
communication message comprising a group key for a multicast group and access information for 
a host device, 

wherein the access information comprises an expiration date for the authentication key. 

146. (original) The communication message of claim 145, wherein the access information 
comprises: 

a token identifier; and 
an authentication key. 

147. (cancelled) 
148. (original) The communication message of claim 145, wherein the access information 
comprises an access token. 

149. (original) The communication message of claim 148, wherein the access token comprises: 

a group identifier for identifying a multicast group; 
a host identifier for identifying the host device; 
a token identifier for identifying the access token; 
an authentication key for the host device; 
an expiration date for the authentication key; 

a server identifier for identifying a key server; and 
a public key for the key server. 

150. (cancelled) 

151. (cancelled) 

152. (cancelled) 
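The access logic recited in claims 99-121 and 122-144 (database lookup by token identifier, expiration check on the authentication key, verification of a keyed hash, and either joining the shared tree, denying the host, or forwarding the message to a neighboring device) can be illustrated in a few lines. The following is an added example written for this page; it is not code from the patent application or its assignee. It assumes a join request that carries the host identifier, the multicast group, the token identifier and an HMAC-SHA1 keyed hash over those fields (the claims carry that keyed hash in IPsec AH; the transport is omitted here), an access information database already populated from the key server, and a fixed field encoding for the hashed bytes. The sample hosts, keys and timestamps are constructed. The example follows claims 104, 110 and 118 (deny on expiry or authentication failure) and claim 105 (forward when no access information for the host is found); claims 111 and 119 describe forwarding in those cases instead, which would be a one-line policy change.

```python
"""Added example: router-side access logic for an authenticated multicast join.

Illustrative code for this page, not the patent's own implementation. Assumes
an HMAC-SHA1 keyed hash over the request fields, an access information
database already received from the key server, and a fixed field encoding.
"""
import hashlib
import hmac
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum


class Decision(Enum):
    AUTHORIZED = "authorized"  # join the shared tree on behalf of the host
    DENIED = "denied"          # expired key or failed authentication
    FORWARD = "forward"        # no access information here: forward to a neighbor


@dataclass(frozen=True)
class AccessInformation:
    """Access information for one host, as received from the key server."""
    host_id: str
    token_id: str
    authentication_key: bytes
    expires: datetime


@dataclass(frozen=True)
class JoinRequest:
    """Access control message from a host: request fields plus keyed hash."""
    host_id: str
    group: str
    token_id: str
    signature: bytes


def _request_bytes(host_id: str, group: str, token_id: str) -> bytes:
    # Fixed field order so host and router hash identical bytes (assumed encoding).
    return f"{host_id}|{group}|{token_id}".encode()


def sign_request(host_id: str, group: str, token_id: str, key: bytes) -> bytes:
    """Host side: HMAC-SHA1 (one of the keyed hashes named in the claims)."""
    return hmac.new(key, _request_bytes(host_id, group, token_id), hashlib.sha1).digest()


class AccessLogic:
    """Router-side access logic: lookup, expiration check, signature check."""

    def __init__(self, database: dict[str, AccessInformation]):
        # Access information database indexed by token identifier.
        self._db = database

    def evaluate(self, req: JoinRequest, now: datetime) -> Decision:
        info = self._db.get(req.token_id)
        if info is None:
            # No access information for this host stored here: hand the message on.
            return Decision.FORWARD
        if info.host_id != req.host_id or now >= info.expires:
            # Token bound to another host, or authentication key expired.
            return Decision.DENIED
        expected = sign_request(req.host_id, req.group, req.token_id,
                                info.authentication_key)
        # Constant-time comparison so a forged hash cannot be matched byte by byte.
        if not hmac.compare_digest(expected, req.signature):
            return Decision.DENIED
        return Decision.AUTHORIZED


# Constructed sample data (not taken from the page).
NOW = datetime(2004, 9, 10, 10, 29, tzinfo=timezone.utc)
KEY_A = b"constructed-key-for-host-a"
KEY_B = b"constructed-key-for-host-b"
DATABASE = {
    "tok-a": AccessInformation("host-a", "tok-a", KEY_A, NOW + timedelta(days=1)),
    "tok-b": AccessInformation("host-b", "tok-b", KEY_B, NOW - timedelta(hours=1)),
}
GROUP = "239.0.0.1"


def demo() -> dict[str, Decision]:
    """Evaluate one valid, one tampered, one expired and one unknown request."""
    logic = AccessLogic(DATABASE)
    good = JoinRequest("host-a", GROUP, "tok-a",
                       sign_request("host-a", GROUP, "tok-a", KEY_A))
    # A valid signature reused for a different group no longer matches the hash.
    tampered = JoinRequest("host-a", "239.0.0.2", "tok-a", good.signature)
    expired = JoinRequest("host-b", GROUP, "tok-b",
                          sign_request("host-b", GROUP, "tok-b", KEY_B))
    unknown = JoinRequest("host-c", GROUP, "tok-c", b"\x00" * 20)
    return {
        "valid": logic.evaluate(good, NOW),
        "tampered": logic.evaluate(tampered, NOW),
        "expired": logic.evaluate(expired, NOW),
        "unknown": logic.evaluate(unknown, NOW),
    }


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name}: {decision.value}")
```

The ordering of the checks matters in practice: the database lookup and the expiration comparison are cheap and run before the keyed-hash computation, and the hash comparison uses a constant-time function so that a rejected request reveals nothing about how many leading bytes of the forged hash happened to match.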